How secure is Windows 8?
The latest addition to the Windows operating system family has been out for a while now, but is it secure enough for business users? Davey Winder investigates...
Securing Windows 8 is like securing three different operating systems: a legacy Windows desktop: a Windows RunTime and a Windows RunTime running on ARM-based systems.
"This will make it much more difficult for a small business to implement security strategies," he added.
"Organisations that use Windows 8 systems based on x86 technology [PCs] can ensure that existing security tools can continue to be used...but is less clear for systems based on Windows RunTime, [such as] the current Windows Surface tablets."
Secure migrations
So, how can a small business considering the move to Windows 8 ensure the change does not impact on the security of its data and the networks it sits upon?
Qualys's Kandek reckons SMBs will benefit immediately from refreshing their old hardware and the additional security technologies that Windows 8 brings.
The malware test
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
There is a case for MRDA (Many Rice-Davies Applies) when one security vendor product tests the offerings of another, but recent research from Bitdefender suggests Windows 8 users may find themselves susceptible to malware.
"Windows 8, with Windows Defender running, was infected by 61 of the 385 most popular malware samples in a controlled test carried out by leading virus researchers over the past week," the company said in a statement.
"As a means of protecting a computer from viruses, data theft and other type of malware, Windows Defender is better than nothing," said Catalin Cosoi, chief security strategist at Bitdefender. "But it's not a whole lot better."
"The migration of normal PCs to Windows 8 is straightforward and the included security technologies, such as the improved Windows Defender, can be considered adequate [enough] for most SMBs," he said.
"A bigger obstacle might be the completely different user interface that will require flexibility and an additional leaning effort from users."
Austin also doubts the move to Windows 8 will cause many problems for SMB users, as long as the vendors the business partners with have updated their solutions to be fully compatible.
That being said, "it is important to treat the inbuilt security features of Windows 8 as providing an increased level of protection, as opposed to a replacement for existing security measures," he said.
"The inclusion of SkyDrive probably poses the biggest threat to the security of a business's data, although this threat also exists on Windows 7, assuming users have been allowed to install cloud based storage applications, such as SkyDrive and DropBox.
"Implementing controls around the movement and encryption of corporate data should be one of the biggest concerns for a business when moving to Windows 8," Austin concluded.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.